SamSam spreads by targeting and infecting servers that contain unpatched vulnerabilities. Maktub and Samsam do not communicate with a C&C server to encrypt files on an infected computer. SamSams primary target is the healthcare industry. Check Point Anti-Virus & SandBlast includes relevant Samsam and Maktub indicators for known malicious domains and related files. Ransomware.Win32.Samsam* and R.Maktub.* are both independently acting ransomware, meaning that once they are installed on a system, they encrypt the files without any need to communicate.”]

